CentOS 6.5 & CentOS 7 rpm安裝ftp服務端與ftp客戶端

一、rpm安裝ftp服務端

1、查看是否安裝vsftp
rpm -qa|grep vsftpd

如果出現vsftpd,說明已經安裝 vsftp

2、下載vsftpd:

我這裏下載的是vsftpd-2.2.2-24.el6.x86_64.rpm
下載地址:ftp服務端程序vsftpd-2.2.2-24.el6.x86_64.rpm 以及ftp客戶端 ftp-0.17-54.el6.x86_64.rpm

3、安裝vsftpd
rpm -ivh vsftpd-2.2.2-24.el6.x86_64.rpm
4、測試 是否安裝成功
service vsftpd start

爲 vsftpd 啓動 vsftp

5、配置vsftpd
whereis vsftpd
cd /etc/vsftpd/
cp vsftpd.conf vsftpd.conf_bak

效果如下圖:
在這裏插入圖片描述
編輯vsftpd.conf文件:

vim vsftpd.conf

具體設置(可供參考):

核心設置

# 允許本地用戶登錄

local_enable=YES

# 本地用戶的寫權限

write_enable=YES

# 使用FTP的本地文件權限,默認爲077

# 一般設置爲022

local_umask=022

# 切換目錄時

# 是否顯示目錄下.message的內容

dirmessage_enable=YES

dirlist_enable = NO

#驗證方式

#pam_service_name=vsftpd

# 啓用FTP數據端口的數據連接

connect_from_port_20=YES

# 以獨立的FTP服務運行

listen=yes

# 修改連接端口

#listen_port=2121

匿名登錄設置

# 允許匿名登錄

anonymous_enable=NO

# 如果允許匿名登錄

# 是否開啓匿名上傳權限

#anon_upload_enable=YES

# 如果允許匿名登錄

# 是否允許匿名建立文件夾並在文件夾內上傳文件

#anon_mkdir_write_enable=YES

# 如果允許匿名登錄

# 匿名帳號可以有刪除的權限

#anon_other_write_enable=yes

# 如果允許匿名登錄

# 匿名的下載權限

# 匿名爲Other,可設置目錄/文件屬性控制

#anon_world_readable_only=no

# 如果允許匿名登錄

# 限制匿名用戶傳輸速率,單位bite

#anon_max_rate=30000

用戶限制設置

限制登錄

# 用userlist來限制用戶訪問

#userlist_enable=yes

# 名單中的人不允許訪問

#userlist_deny=no

# 限制名單文件放置的路徑

#userlist_file=/etc/vsftpd/userlist_deny.chroot

限制目錄

# 限制所有用戶都在家目錄

#chroot_local_user=yes

# 調用限制在家目錄的用戶名單

chroot_list_enable=YES

# 限制在家目錄的用戶名單所在路徑

chroot_list_file=/etc/vsftpd/chroot_list

日誌設置

# 日誌文件路徑設置

xferlog_file=/var/log/vsftpd.log

# 激活上傳/下載的日誌

xferlog_enable=YES

# 使用標準的日誌格式

#xferlog_std_format=YES

安全設置

# 用戶空閒超時,單位秒

#idle_session_timeout=600

# 數據連接空閒超時,單位秒

#data_connection_timeout=120

# 將客戶端空閒1分鐘後斷開

#accept_timeout=60

# 中斷1分鐘後重新連接

#connect_timeout=60

# 本地用戶傳輸速率,單位bite

#local_max_rate=50000

# FTP的最大連接數

#max_clients=200

# 每IP的最大連接數

#max_per_ip=5

被動模式設置

# 是否開戶被動模式

pasv_enable=yes

# 被動模式最小端口

pasv_min_port=5000

# 被動模式最大端口

pasv_max_port=6000



其他設置

# 歡迎信息

ftpd_banner=Welcome to Ftp Server!

我的配置如下:

# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=NO
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

#開放1000個端口用於被動模式調用
pasv_min_port=30000
pasv_max_port=30999

#不添加下面這個會報錯:500 OOPS: vsftpd: refusing to run with writable root inside chroot()
allow_writeable_chroot=YES
##啓動被動式聯機(passivemode), 必須設置爲 YES!開啓被動模式
pasv_enable=YES
##默認是 50,限制了同一IP地址客戶端連接數。0表示不限制,如果配置具體數值,則數值不要小於2000。
max_per_ip=0
##默認是 100,限制了所有用戶連接數。0表示不限制,如果配置具體數值,則數值不要小於2000。
max_clients=0
##FTP訪問目錄
local_root=/home/ftpuser/
##解決ftp登陸慢問題
reverse_lookup_enable=NO

6、 添加ftp防火牆規則:
6.1、針對centos6.5

#防火牆放開21端口

/sbin/iptables -I INPUT -p tcp --dport 21 -j ACCEPT

#將更改進行保存

/etc/rc.d/init.d/iptables save 

#重啓防火牆以便改動生效,當然如果不覺得麻煩也可重啓系統(命令:reboot)

/etc/init.d/iptables restart 

查看打開端口命令

/etc/init.d/iptables status
6.2、針對centos7

#防火牆放開21端口

firewall-cmd --add-port=21/tcp --permanent

#將更改進行保存

firewall-cmd --reload

查看當前開放的端口:

firewall-cmd --zone=public --list-ports
7、 添加用戶(注意,該處添加nologin類型用戶ftpuser):

添加nologin類型用戶

useradd -s /sbin/nologin -d /home/ftpuser ftpuser

ftpuser 設置ftpuser的密碼

passwd ftpuser

注意後面要輸兩次ftpuser要設置的密碼,前後一致

8、重新啓動

對於centos6.5:

service vsftpd stop
service vsftpd start

對於centos7,還可以使用:

systemctl start vsftpd.service

查看是否啓動:

systemctl status vsftpd.service

二、rpm安裝ftp客戶端

安裝後即可使用ftp命令在本機進行測試

1、下載

我這裏下載的是ftp-0.17-54.el6.x86_64.rpm這個版本
下載地址同上:ftp服務端程序vsftpd-2.2.2-24.el6.x86_64.rpm 以及ftp客戶端 ftp-0.17-54.el6.x86_64.rpm

2、安裝
rpm -Uvh ftp-0.17-54.el6.x86_64.rpm
3、使用ftp命令在本機進行測試

命令格式 : ftp 本機ip 端口

ftp 192.168.77.135

然後分三步操作:

  • 輸入用戶名
  • 輸入密碼
  • ls查看ftp目錄

至此,ftp安裝測試就完成了!

三、ftp常用命令

3.1 常用FTP命令

許多FTP命令與您在Linux shell提示符中鍵入的命令類似或相同。

以下是一些最常見的FTP命令

  • help或? - 列出所有可用的FTP命令。
  • cd - 更改遠程計算機上的目錄。
  • lcd - 更改本地計算機上的目錄。
  • ls - 列出當前遠程目錄中的文件和目錄的名稱。
  • mkdir - 在當前遠程目錄中創建一個新目錄。
  • pwd - 打印遠程計算機上的當前工作目錄。
  • delete - 刪除當前遠程目錄中的文件。
  • rmdir - 刪除當前遠程目錄中的目錄。
  • get - 將一個文件從遠程複製到本地計算機。
  • mget - 將多個文件從遠程複製到本地計算機。
  • put - 將一個文件從本地複製到遠程計算機。
  • mput - 將一個文件從本地複製到遠程計算機。
3.2 使用FTP命令下載文件

登錄後,您當前的工作目錄是遠程用戶主目錄。

使用該ftp命令下載文件時,文件將下載到您鍵入ftp命令的目錄中。

如果要將文件下載到另一個本地目錄,請使用該lcd命令切換到該目錄。

假設我們要將文件下載到~/ftp_downloads目錄:

lcd ~/ftp_downloads

要從遠程服務器下載單個文件,請使用該get命令。例如,要下載名爲的文件,請backup.zip使用以下命令:

get backup.zip

輸出應該如下所示:

200 PORT command successful
150-Connecting to port 60609
150 6516.9 kbytes to download
226-File successfully transferred
226 2.356 seconds (measured here), 2.70 Mbytes per second
6673256 bytes received in 2.55 seconds (2.49 Mbytes/s)
要一次下載多個文件,請使用該mget命令。您可以提供單個文件名列表或使用通配符。

mget backup1.zip backup2.zip

下載多個文件時,系統將提示您確認每個文件。

mget backup1.zip? y

200 PORT command successful
150 Connecting to port 52231
226-File successfully transferred
226 0.000 seconds (measured here), 31.51 Kbytes per second
14 bytes received in 0.00058 seconds (23.6 kbytes/s)

mget backup2.zip? y

200 PORT command successful
150-Connecting to port 59179
150 7.2 kbytes to download
226-File successfully transferred
226 0.000 seconds (measured here), 16.68 Mbytes per second
7415 bytes received in 0.011 seconds (661 kbytes/s)
完成從遠程FTP服務器下載文件後,bye或關閉連接quit。

quit

221-Goodbye. You uploaded 0 and downloaded 6544 kbytes.
221 Logout.

3.3使用FTP命令上載文件

要將文件從本地目錄上載到遠程FTP服務器,請使用以下put命令:

put image.jpg

輸出應該如下所示:

200 PORT command successful
150 Connecting to port 34583
226-File successfully transferred
226 0.849 seconds (measured here), 111.48 Kbytes per second
96936 bytes sent in 0.421 seconds (225 kbytes/s)
如果要上載不在當前工作目錄中的文件,請使用該文件的絕對路徑。

要將多個文件從本地目錄上載到遠程FTP服務器,請使用以下mput命令:

mput image1.jpg image2.jpg
mput image1.jpg? y

200 PORT command successful
150 Connecting to port 41075
226-File successfully transferred
226 1.439 seconds (measured here), 102.89 Kbytes per second
151586 bytes sent in 1.07 seconds (138 kbytes/s)

mput image2.jpg? y

200 PORT command successful
150 Connecting to port 40759
226-File successfully transferred
226 1.727 seconds (measured here), 111.75 Kbytes per second
197565 bytes sent in 1.39 seconds (138 kbytes/s)

上傳多個文件時,系統將提示您確認要上傳的每個文件。
完成上傳文件到遠程FTP服務器後,用bye或關閉連接quit。

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章